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An Electronic Transaction System for the Internet 
Field of Invention 
The present invention relates to an electronic transaction system for the 
internet, especially to an electronic transaction system for the internet that 
5 provides necessary security functions for the electronic commerce in the internet. 
Background of Invention 
Due to the wide application of the internet, electronic transactions in the 
internet have become popular in this society. However, security of the electronic 
transaction is always a topic being discussed. Not only buyers but also product 
10 and service providers are not willing to participate in the electronic commerce, 
unless their worry in the security problem is relived. 

In the conventional art, a restrict security system to ensure the safety in the 
electronic commerce has been developed. Such a system primarily uses a public 
key and a private key to ensure the security of the electronic transaction. The 
1 5 public key is a code that is allowed to provide to others and the private key is a 
code to be kept confidential by its user. Under the security system, information 
to be transmitted in a communication channel may be secured with a security code 
relatively to a public key or a private key and decoded by receiver of the 
information with a corresponding private key or public key, returning to the 
20 original information. 

In the above-said security system, the coding and the decoding processes 
made the electronic transaction very complicated. Fig. 3 shows the flow chart of 
an electronic transaction under the conventional electronic commerce system. 
As shown in this figure, when a user clicks a product in a provider website at 301, 



2 



a transaction mode is provided. At 302 the provider website asks the user to 
input his/her credit card or bank card number, valid date and other information. 
At 303 the input information is coded by the personal computer of the user with a 
private key and a public key, such the information becomes a secured information. 
5 At 304 the secured information is transmitted to the provider website. 

In this stage, at 305 the provider website links itself with the website of the 
issuing back of the credit card or the bankcard. The bank website asks the 
provider website to provide its security code at 306. At 307 the bank website 
uses the public key to decode the provided security code and verify. After the 

10 verification, at 309, a notice is transmitted to the provider website and user's 
personal information is requested. At 3 10 the provider website transmits the 
secured card number, valid date, security code and other information to the bank 
website. At 3 11 the bank website decodes the transmitted information with the 
public key and verify. After the verification, the transaction requested by the 

15 user is permitted and the result is provided to the provider at 312. At 313, the 
provider website transmits the result to the user and enters into the shipping stage. 
In the above steps, the notices generated by the bank and the provider may be 
secured information. The transmission and decoding of the secured information 
may be conducted according to the above-said approaches. 

20 In the above-described transaction, the information is exchanged among 

three parties. As a result, a waste in time and processing costs is found. In 
addition, the personal information of the user is first transmitted to the provider 
website. During the transmission, the information is exposed to the access of the 
provider and third parties, although the information has been secured. In order 
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to ensure the security of the information, necessary means are required. Costs in 
the electronic commerce is further increased. 

It is thus necessary to provide a simplified electronic transaction system for 
the internet that can provide a simplified electronic transaction procedure to 
5 reduce time and cost in the electronic transaction. 

It is also necessary to provide a novel electronic transaction system for the 
internet so that electronic transaction with higher security may be realized. 
Objectives of Invention 
The objective of this invention is to provide a simplified electronic 
10 transaction procedure to reduce time and cost in the electronic transaction. 

Another objective of this invention is to provide a novel electronic 
transaction system for the internet so that electronic transaction with higher 
security may be realized. 

Summary of Invention 
1 5 According to the electronic transaction system for the internet of this 

invention, the electronic transaction system is used in an internet comprising at 
least one user site, at least one provide website and at least one bank website. 
The controlling operations of the electronic transaction system comprises: when a 
user site transmits a request of transaction to the provider website, the user site is 
20 liked to a payment authentication server and the request is examined by the 
payment authentication server. Upon approval of the request, the payment 
authentication server is linked to the payment gateway of the bank website to 
request payment authorization. Upon the approval or rejection by the payment 
gateway of the bank website, the payment authentication server is linked to the 
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provider website to notify said approval or rejection. Transactions between the 
user site and the provider website may thus be operated. The result may further 
notified to the user site through another linkage between the payment 
authentication server with the user site. In this invention, the payment 
5 authentication server serves as an intermediator among me user site, the provider 
website and the bank website. The transaction procedure may thus be simplified. 
Confidentiality of personal information of users may thus be maintained. In the 
embodiment of this invention, the transaction linkages are conducted by the 
payment authentication server. 
10 The above and other objectives and advantages may be clearly understood 

from the detailed description by referring to the following drawings. 

Brief Description of Drawings 

Fig. 1 illustrates the system diagram of the electronic transaction system for 
the internet of this invention. 
1 5 Fig. 2 shows the flow chart of the electronic transaction system for the 

internet of this invention. 

Fig. 3 shows the system diagram of a conventional electronic transaction 
system for the internet. 

Detailed Description of Invention 
20 In the followings, the electronic transaction system for the internet of this 

invention will be described by referring to Fig. 1 . Fig. 1 illustrates the system 
diagram of the electronic transaction system for the internet of this invention. 

As shown in Fig. 1, the electronic transaction system for the internet is used 
in the internet 100. The internet 100 comprises: at least one user site 105 that 
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may be linked to the internet 100; at least one provider website 104 to promote 
products, services or information in the internet 100; at least one bank website 101 
to provide payment and other banking services; and an authentication center 102 
to provide authentication services to bank websites 101, provider websites 104 
5 and user sites 105. The authentication services and its functions and operations 
are already known to those skilled in the art. Detailed description thereof is thus 
omitted. 

In the present invention, a payment authentication server 103 is provided. 
The payment authentication server 103 is an electronic transaction server 

10 independent from the bank website 101, the provider site 104 and the user site 105. 
The functions of the payment authentication server 103 include intermediation, 
control and operation of the examination and the transmission of information 
during an electronic transaction. At the bank website 1 0 1 , a payment gateway 
106 may be provided to handle the transactions and data transmissions between 

1 5 the bank website 101 and its external sites, including the payment authentication 
server 103, so that security in the electronic transaction may be ensured. In order 
to further enhance the security of the electronic commerce, a firework (not shown) 
may also be provided between the bank website 101 and the payment gateway 
106. 

20 Before any electronic transaction may be started, the payment authentication 

server 103 shall first obtain an authorization from the authentication center 102. 
In doing so, the payment authentication server 103 submits an application with the 
authentication center 102 to be authorized to receive information coded with SSL. 
Upon such application, the authentication center 102 provides a necessary 



authorization to the payment authentication server 103. After the authorization 
the payment authentication server 103 will have the right to provide to the 
provider website 104 and the user site 105 payment authentication and other 
authentication services. The authentication of the payment authentication server 
5 103 may be conducted in any approach as already known to those skilled in the 
art. 

Before the provider website 104 and the user site 105 may execute an 
electronic transaction in the electronic transaction system for the internet of this 
invention, pre-authentication of the provider website 104 and the user site 105 

1 0 with the payment authentication server 1 03 is necessary. When the provider 
website 104 submits an application for pre-authentication, a batch of relative 
information including email address, name, ID No. and other data representing the 
provider website 104 or the provider is provided to the payment authentication 
server 103. After examination, the payment authentication server 103 generates 

15 a provider series number, labels the batch of information and transmits the series 
number to the provider website 104, with which the provider website 104 may 
execute its electronic transaction accordingly. The procedure of 
pre-authentication to the bank website 1 01 and the user site 105 is similar to that 
to the provider website 104. 

20 In the followings, procedures of the electronic transaction in the electronic 

transaction system for the internet of this invention will be given. Fig. 2 shows 
the flow chart of the electronic transaction of the electronic transaction system for 
the internet of this invention. 

As shown in this figure, when an electronic transaction takes place, at 201 
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the user site 1 05 links to the provider website 1 04 and transmits to the provider 
website 1 04 its user series number, requesting a transaction. In this step, the 
request is made to the provider website 104 from the user site 1 05 when user of 
the user site 105 clicks on an icon representing a product, service or information 
5 to be purchased. When making such a request, information including internet 
address of the user site 105, item and quantity to purchase, price and name of 
banker, is transmitted to the provider website 104 along with the series number 
(membership number) of the user or user site 105. In the embodiment of this 
invention, confidential information of the user or user site, such as bank account, 
10 credit card number, valid date and pass words, is not transmitted to the provider 
website 104. 

At 202 the provider website 104 forwards the received request, along with 
the received information and the series number and internet address of the 
provider website 104, to the payment authentication server 103, requesting for 

1 5 authentication. At 203, upon receipt of such a request, the payment 

authentication server 103 links itself to the user site 105 and starts to examine the 
received information with the enrolled information of the provider website 104 
and the user site 105. When the received information matches with the enrolled 
information, at 204 the payment authentication server 103 requests the user site 

20 105 to provide confidential information to the payment authentication server 103. 
The requested information includes bank account number, credit card number, 
bank card number, passwords and/or other information necessary in the electronic 
transaction. At 205 the user site 105 inputs the requested information and the 
input information is examined by the payment authentication server 103. After 



8 



approval of the payment, the payment authentication server 103 links itself to the 
payment gateway 106 and transmits a request for authorization of payment to the 
payment gateway 1 06. In forwarding such a request, the confidential 
information of the user or user site is transmitted to the payment gateway 106 for 
5 examination. At 207 the payment gateway 106 examines the credit card/bank 
card number, the valid credit/deposit and other necessary conditions of 
authorization and generates a result of examination. At 208 the payment 
gateway 106 transmits the result to the payment authentication server 103 and 
records the requested transaction. When the request is approved, the result 

10 information contains an authorization code. When the request is rejected, the 
result contains a failure code. At 209 the payment authentication server 103 
links itself to the provider website 104, according to the authorization/failure code, 
the series and the internet address of the provider website 104, and transmits the 
result of authorization for payment to the provider website 104. Thereafter, at 

15 2 1 0 the payment authentication server 103 links the provider website 1 04 to the 
user site 1 05 . At 2 1 1 the provider website 1 04 determines whether the 
transaction between it and the user site 1 05, as previously requested by the user 
site 105, is successful, according to the information represented by the 
authorization/failure code. At 2 1 2, the result is transmitted to the user site 1 05 

20 by the provider website 104 and necessary actions, such as shipping of the 

purchased product, service or information, will be taken by the provider website 
104. 

In the above transaction, the result may also be transmitted to the user site 
105 by the payment authentication server 103. 
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When it is necessary for the provider website 104 to search records of its 
electronic transactions, or when it requests the bank website 101 to make 
payments, such a request is made to the payment authentication server 103. 
Upon such a request, the provider website 104 links itself to the payment 
5 authentication server 1 03 and input its series number and other necessary 
information. Upon receipt of the request and the attached information, the 
payment authentication server 1 03 examines the received information and, upon 
approval, transmits the request to the payment gateway 106, along with necessary 
information. The payment gateway 106, after examination, obtains requested 

1 0 information from the bank website 1 0 1 and transmits the obtained information to 
the payment authentication server 103. The requested information is then 
transmitted to the provider website 104 by the payment authentication server 103. 

In the above transaction, all information as transmitted may be mformation 
encoded with the public key and the private key. No matter what the information 

15 could be, the confidential information of the user site 1 04 or of the provider 

website 1 04 is not transmitted to the other party of the electronic transaction. In 
other words, during tile transaction, no confidential information is transmitted 
between any two of the user site, the provider website and the bank website. As 
a result, it is ensure that no confidential mformation is given to the other party of a 

20 transaction. Another advantage of such a transaction is that examination 
procedures of passwords and other necessary information in authorization, 
authentication are greatly reduced. It is obvious that security and efficiency in 
the electronic transaction may be improved. 
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As the present invention has be#n shown and described with reference to 
preferred embodiments thereof, those skilled in the art will recognize that the 
above and other changes may be made therein without departing form the spirit 
and scope of the invention. 



